Introduction
Welcome to Othrfund ("Othrfund", "we", "us", or "our"). We are committed to protecting and respecting your privacy and personal data in compliance with the United Kingdom General Data Protection Regulation (UK GDPR), the European Union General Data Protection Regulation (EU GDPR), the Data Protection Act 2018 and other applicable data protection laws.
This Privacy Policy explains how we collect, process, store and safeguard your personal data when you use our website, platform or services, your privacy rights, and how the law protects you.
If you are an employee, contractor or job applicant, a separate privacy notice applies to you.
Our services are not intended for individuals under the age of 18 and we do not knowingly collect personal data from children.
By using our services as a prospective or registered borrower, lender or introducer, you acknowledge and agree to the collection, processing and use of your personal data as outlined in this Policy.
We may update this Policy periodically. Updates will be posted on our website and we encourage you to review it regularly.
Who we are
Othr Ltd is the data controller responsible for your personal data.
Othr Ltd
Company number: 16299969
4th Floor Office
205 Regent Street
London
W1B 4HB, United Kingdom
For any questions regarding this Privacy Policy or how we process your personal data, please contact: info@othrfund.com
You have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection: https://www.ico.org.uk
Personal data we collect
We may collect and process the following categories of personal data:
Individual information
Personal data relating to your identity, including:
- Name
- Email address
- Phone number
- Job title
- Company name
Financial information
Financial data about you or your business, including:
- Bank account details
- Accounting information
- Transaction history
- Financial statements or supporting documents
Account and profile data
Information related to account creation and use, including:
- Login credentials
- Passwords
- Profile preferences
- Transaction data
- Details relating to financial transactions conducted through our services
Communications
Any correspondence between you and us, including support requests, enquiries, feedback or complaints.
Information technology data
Technical data relating to your use of our website or platform, including:
- IP address
- Browser type and version
- Device type
- Time zone setting
- Operating system
- Platform information
- Website usage data and logs
Advertising and marketing data
Information about your marketing preferences, including:
- Marketing consent
- Communication preferences
- Engagement with campaigns
Market research data
Information collected through surveys or research regarding financial products or services.
Aggregated data
We may also process aggregated or statistical data derived from personal data. Aggregated data does not directly identify individuals. If aggregated data is combined with personal data in a way that could identify an individual, it will be treated as personal data.
We do not intentionally collect special categories of personal data such as information about race, religion, health, political opinions or criminal convictions.
You are not obliged to provide personal data. However, failure to provide required information may prevent us from delivering certain services.
Sources of personal data
We collect personal data from the following sources.
(a) Data provided directly by you
We collect information when you:
- Create an account
- Subscribe to our services
- Complete forms on our website
- Upload documents or financial information
- Request information about services
- Contact us by email, phone or messaging
- Participate in surveys or provide feedback
(b) Data received from third parties
We may receive personal data from third parties including:
- Lenders or introducers authorised to share borrower information
- Accounting software integrations (e.g. Xero, QuickBooks)
- Analytics providers (e.g. Google Analytics)
- Advertising networks (e.g. LinkedIn Ads, Google Ads)
- Payment and financial infrastructure providers (e.g. Stripe, GoCardless)
(c) Public sources
We may obtain information from publicly available sources including:
- Companies House
- Credit reference agencies such as Creditsafe or Dun & Bradstreet
- Public company filings or regulatory databases
Consent
Processing based on user consent, particularly for marketing communications. You may withdraw consent at any time.
Legal obligation
Processing required to comply with legal or regulatory obligations, including anti-money laundering and financial regulations.
How we use your personal data
We may use personal data to:
Provide our services
- Facilitate funding opportunities between borrowers, lenders and introducers
- Enable lenders to assess borrower eligibility
- Manage user accounts and platform functionality
Manage relationships with users
- Send service updates
- Respond to enquiries
- Provide customer support
- Request feedback
Operate and improve our business
- Conduct internal analytics
- Improve product functionality
- Understand user behaviour and demographics
Marketing and communication
- Send newsletters or content relevant to our services
- Provide industry insights or research
- Share product updates
You can opt out of marketing communications at any time.
Compliance and risk management
Meet regulatory obligations, conduct anti-fraud checks and investigate potential misuse of the platform.
Enforce legal rights
Enforce contractual terms and respond to legal claims or disputes.
Use of Artificial Intelligence
Othrfund may use artificial intelligence ("AI") and automated technologies as part of its services and internal operations.
AI tools may be used to:
- Analyse financial and business information submitted by borrowers
- Support risk assessment and underwriting processes
- Improve matching between borrowers and lenders
- Analyse platform usage and improve service performance
- Assist with customer support and operational workflows
AI systems may process business and personal data submitted to the platform. Any automated processing is carried out with appropriate safeguards and human oversight where necessary.
AI tools used by Othrfund operate in accordance with applicable data protection laws, including UK GDPR and EU GDPR.
We do not rely solely on automated decision making that produces legal or similarly significant effects without human involvement.
Data retention
We retain personal data only for as long as necessary to fulfil the purposes outlined in this Policy.
Retention periods may depend on:
- Duration of the user relationship
- Legal or regulatory obligations
- Business operational needs
Typical retention periods include:
- User accounts: retained while the account remains active
- Transaction and financial records: retained for at least 6 years to comply with financial regulations
- Marketing data: retained until consent is withdrawn
You may request deletion of your personal data by contacting: info@othrfund.com
Your rights under data protection law
Under UK GDPR and EU GDPR you have the following rights:
Right of access
Request a copy of your personal data.
Right to rectification
Request correction of inaccurate or incomplete data.
Right to erasure
Request deletion of personal data under certain circumstances.
Right to object
Object to processing based on legitimate interests.
Right to restrict processing
Request limited processing in certain situations.
Right to data portability
Receive personal data in a structured, commonly used format.
Right to withdraw consent
Withdraw consent to marketing communications at any time.
To exercise any of these rights, contact: info@othrfund.com
Data sharing and third parties
We do not sell personal data. However, we may share personal data with trusted third parties necessary for operating our services.
Service providers
These may include:
- Cloud infrastructure providers (e.g. AWS, Google Cloud)
- Payment processors (e.g. Stripe, GoCardless)
- Analytics and advertising platforms (e.g. Google Analytics, LinkedIn Ads)
- Email communication platforms
Platform participants
Borrower information may be shared with lenders or introducers registered on our platform so they can assess financing opportunities.
Professional advisers
Accountants, auditors, lawyers, insurers and financial advisers.
Regulatory authorities
Government agencies, regulators and law enforcement authorities where legally required.
Corporate transactions
If Othrfund undergoes a merger, acquisition, restructuring or sale of assets.
All third-party providers are required to process personal data in accordance with data protection laws.
International data transfers
Your personal data may be transferred to and processed in jurisdictions outside the UK or European Economic Area.
Where such transfers occur, we ensure appropriate safeguards are in place including:
- Standard Contractual Clauses approved by the European Commission or UK authorities
- Transfers to countries with recognised adequacy decisions
- Other legally recognised transfer mechanisms
Security measures
We implement technical and organisational measures to protect personal data from loss, misuse or unauthorised access.
These measures include:
- Encryption
- Access controls
- Secure cloud infrastructure
- Security monitoring and audits
Access to personal data is restricted to authorised personnel who require it to perform their duties. While we take reasonable steps to protect personal data, no method of internet transmission can be guaranteed to be completely secure.
Data breach notification
In the event of a personal data breach that may pose a risk to your rights and freedoms, we will notify the relevant supervisory authority and affected individuals where required under UK GDPR.
Where applicable, notification will occur within 72 hours.
Changes to this Privacy Policy
We may update this Privacy Policy periodically.
Where significant changes occur, we will notify users via the website or other appropriate communication channels.
Continued use of our services following updates constitutes acceptance of the revised Policy.